package cn.tedu.kcircle.security.support.handler;

import cn.tedu.kcircle.common.restful.JsonResult;
import cn.tedu.kcircle.common.restful.ResponseCode;
import cn.tedu.kcircle.common.util.CustomResponse;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import java.io.IOException;

@Slf4j
public class CustomAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
        //处理未授权的情况下 向需要通过授权的资源发起请求导致403错误的问题
        String message = "您暂时没有页面的访问权限，请联系管理员！";
        log.error(message,accessDeniedException);
        JsonResult result = JsonResult.failed(ResponseCode.ERROR_FORBIDDEN, message);
        CustomResponse.sendResponse(response,result);
    }
}
